I'm posting the draft of a proposal that specifies how to hide HS descriptors and addresses from the hidden service directories. ... HSDirs could still learn the address of the HSes by logging the client directory requests (which contain the hidden service address). ... Currently, Hidden Services upload their unencrypted descriptor to hidden service directories (HSDirs). HSDirs store the unencrypted descriptor in an internal map of: <hs address> -> <hs descriptor> When a client wants the descriptor of an HS, it asks an HSDir for the descriptor that corresponds to <hs address>. If the HSDir has such an index in its map, it returns the <hs descriptor> to the client.
It is known there is a de-anon paper regarding HS, that is a separate weakness.
But the above words about HSDirs having plaintext access to any plaintext or decodeable '.onion' string (whether via the descriptor or request argument) is, as far as I know in current operation, being consistently and badly misdated, to the point of causing confusion, even in the above paper.
In current rend-spec.txt we have Sec 1.3, v2 descriptors are used post 0.2.2.1-alpha, specifically...
descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica))
???